const express = require('express');

const csrfProtection = require('../middleware/csrf-protection');
const parseForm = require('../middleware/parse-form');
const accountController = require('../controller/account-controller');
const passportGithub = require('../dao/auth/github');

const router = express.Router();

router.get('/ping', (req, res) => {
  res.status(200).send('pong!');
});

/**
 * @api { get } / 默认入口
 * @apiDescription index.html
 * @apiGroup 群组
 * @apiName api名称
 * @apiParam { String } username User's name
 * @apiParam { String } password User's password
 * @apiSuccessExample { json } Success-response:
 * res.json({
      code: 200,
      status: 0,
      msg: '注册成功',
      result
    })
    res.json({
      code: 200,
      status: -1,
      msg: '用户已注册',
      result: null
    })
    res.json({
      code: 200,
      status: -1,
      msg: '信息不完善,操作失败',
      result: null
    })
 * @apiSampleRequest /index
 * @apiVersion 1.0.0
 */
/**
 * @openapi
 * /:
 *   get:
 *     tags:
 *       - 首页
 *     description: Welcome to swagger-jsdoc!
 *     responses:
 *       200:
 *         description: Returns a mysterious string.
 */
router.get('/', (req, res, next) => {
  const { title, description } = req.query;
  res.render('index', { title: title || 'Express', description: description || '首页' });
});
router.get('/index', (req, res, next) => {
  const { title } = req.query;
  res.redirect(`/?title=${title}`);
});
router.get('/upload', (req, res, next) => {
  res.render('upload');
});

router.get(
  '/captcha',
  accountController.getCaptchaHandler,
);

router.post(
  '/register',
  accountController.registerHandler,
);

router.post(
  '/login',
  accountController.loginHandler,
);

router.get(
  '/auth/github',
  passportGithub.authenticate('github', { scope: ['user:email'] }),
);

router.get(
  '/auth/github/callback',
  passportGithub.authenticate('github', { failureRedirect: '/login' }),
  (req, res) => {
    // Successful authentication
    res.json(req.user);
  },
);

router.get(
  '/logout',
  accountController.verifyTokenHandler,
  accountController.logoutHandler,
);

router.post(
  '/user/update',
  accountController.verifyTokenHandler,
  accountController.updateHandler,
);

router.post(
  '/user/destroy',
  accountController.verifyTokenHandler,
  accountController.destroyHandler,
);

router.get(
  '/user/info',
  accountController.verifyTokenHandler,
  accountController.infoHandler,
);

router.get('/form', csrfProtection, (req, res) => {
  // pass the csrfToken to the view
  // res.cookie('XSRF-TOKEN', req.csrfToken())
  // res.render('index')
  res.json({
    csrfToken: req.csrfToken(),
  });
  // <meta name="csrf-token" content="{{csrfToken}}">
});

router.post('/process', parseForm, csrfProtection, (req, res) => {
  // 若不传递headers.CSRF-Token,则是404
  res.json({
    message: 'data is being processed',
  });
});

router
  .route('/book')
  .get((req, res) => {
    res.send('Get a random book');
  })
  .post((req, res) => {
    res.send('Add a book');
  })
  .put((req, res) => {
    res.send('Update the book');
  });

module.exports = router;
